How to spot a scam email

Have you ever opened your inbox and found an email that looks suspicious but you’re not sure? Maybe it’s from a customer who claims they’ve ordered something that hasn’t arrived but you have no record of the sale, an ‘oceanographer’ who needs an item sent to an oil rig, or someone asking about alternative ways to pay. How do you know which one is from a genuine customer and which one isn’t? Most are easy to spot but some are designed to catch out even seasoned scam spotters.

On Folksy we take your security very seriously and our messaging system has protections in place to make sure we catch as many scam emails as possible so they don’t even reach you. From time to time though, as with all spam filters, some malicious emails will get through. To help keep you safe online, we’ve put together tips for spotting those nasty emails that you’re best to avoid (including the tell-tale signs of a scam message), as well as advice on what to do if you do accidentally open, click on or reply to a scam email.

What are scam emails?

Online scams usually work by:

1. Tricking you into giving out your personal details or sensitive information (phishing), or
2. Tricking you into making a payment to someone you think you can trust (fraud)

By far the most common scam used across online selling platforms, including Folksy, is what’s known as the Nigerian 419 scam or the Advanced Fee fraud. What the fraudster is trying to get you to do here is transfer money into their bank account. They do this by agreeing to buy your item/s by a direct payment to your Paypal account (including a large amount to cover courier costs), then asking you to transfer the shipping fee to their account (often to a Western Union account). However, the email that appears to be from Paypal telling you have received money relating to this order is likely to be fake. So the shipping fee that you transfer out of your account will be your own money. Read more about this scam here >

We also recently had a scam where a number of our sellers were contacted about an invalid order. This asked Folksy sellers to sort out a missing order (see image below). A screenshot of the Paypal receipt was attached as proof. This email was a hoax, designed to encourage sellers to click on the screenshot, which contained a virus.

You can read more about this scam and what we’ve done to prevent it happening again here >

Scams are constantly evolving – they take many forms and can be simple or sophisticated. So be alert and take a few minutes read the article below to familiarise yourself with common online scams, the tell-tale signs of what to look for and how to protect yourself: http://www.actionfraud.police.uk/fraud-az-vishing

How to spot a scam email: the tell-tale signs

There are some signs to look for when you get a suspicious email and you’re not sure whether it’s from a genuine buyer or a scam. Here are some key giveaways:

• The email is addressed to ‘Seller’ or something other than your name or your shop name
• It contains poor English, spelling or grammar
• Details about the order are vague or confusing
• It contains a link to click on or a file to download
• It tells you they’ve been in touch with Folksy Support but we haven’t emailed you
• It asks you to give out passwords or other sensitive information
• They want to make a large payment to you outside of Folksy and/or PayPal

What should you do if you get a scam email

If you are at all suspicious of any message sent to you through Folksy, please don’t click any links or reply until you hear from us. Please forward the email to us at support@folksy.com with any other details you feel may be important, and we’ll usually get back to you within a few hours.

What to do if you click on a scam email

If you have not replied to the email or clicked a link, there is no risk. Please just report it to us and delete the email.

If you have replied to the email, the sender will see your email address. We would advise that you change your email password. Choose a strong, complex password.

If you receive a reply from their email address, mark the email as spam and block them.

Important: do not mark any emails from noreply@folksy.com or robot@folksy.com as spam as this will block emails from Folksy.

If you have clicked a link in an email that you think contains malicious code:

1. Disconnect from the internet
2. Back up your files
3. Run a full security scan on your computer or device with an appropriate, up-to-date security solution.
4. Change your passwords
5. To protect yourself from attacks, always make sure your operating system and any antivirus software is up to date and use strong passwords. Read more at http://www.cyberaware.gov.uk/

What to do if you are affected by a scam or online fraud

If you are affected by a scam or a victim of online fraud, you should report it to us at support@folksy.co.uk and to the following organisations:

• Action Fraud (0300 123 2040)
• Citizens Advice (08454 04 05 06)
• PayPal
• Your local police station, using non-emergency number 101

We hope all the advice contained in this blog post is useful. If you have received any scam emails, let us know what the messages said and how they tried to trick you. You can leave them as a comment below. Be careful not to share any dubious links or email addresses though! 

If you think this post is helpful, please share it using the buttons below: